You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2013/02/20 05:15:18 UTC

svn commit: r1447993 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_init.c

Author: wrowe
Date: Wed Feb 20 04:15:18 2013
New Revision: 1447993

URL: http://svn.apache.org/r1447993
Log:
    mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
    in the error log to debug level.  [William Rowe]


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/ssl/ssl_engine_init.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1447993&r1=1447992&r2=1447993&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Feb 20 04:15:18 2013
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_ssl: Quiet FIPS mode weak keys disabled and FIPS not selected emits
+     in the error log to debug level.  [William Rowe]
+
   *) core: ap_rgetline_core now pulls from r->proto_input_filters.
 
   *) mod_proxy_html: process parsed comments immediately. 

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_init.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_init.c?rev=1447993&r1=1447992&r2=1447993&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_init.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_init.c Wed Feb 20 04:15:18 2013
@@ -91,7 +91,7 @@ static int ssl_tmp_key_init_rsa(server_r
 
     if (FIPS_mode() && bits < 1024) {
         mc->pTmpKeys[idx] = NULL;
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01877)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01877)
                      "Init: Skipping generating temporary "
                      "%d bit RSA private key in FIPS mode", bits);
         return OK;
@@ -140,7 +140,7 @@ static int ssl_tmp_key_init_dh(server_re
 
     if (FIPS_mode() && bits < 1024) {
         mc->pTmpKeys[idx] = NULL;
-        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01880)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01880)
                      "Init: Skipping generating temporary "
                      "%d bit DH parameters in FIPS mode", bits);
         return OK;
@@ -354,7 +354,7 @@ int ssl_init_Module(apr_pool_t *p, apr_p
         }
     }
     else {
-        ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01886)
+        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(01886)
                      "SSL FIPS mode disabled");
     }
 #endif